[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 588
  • Last Modified:

Routing remote iSeries IP printing through a VPN tunnel


We have an iseries with several *LAN configured printers using port 9100.  These were created using  a CRTDEVPRT command with *IP connection.  They are currently on the same network segment as the iSeries.  For example, one printer has an IP address of  The iSeries will now be moving to a remote location but I still need to be able to route print traffic to this printer.  We will have a VPN tunnel from the new iSeries location to the printer location.  The traffic will have to flow through 2 firewalls.  We can't use a remote output queue because of the printing requirements.

How do we route this traffic?  We could assign an external IP address to the printer and then change the iSeries device to use the external IP and then route it through the firewall and NAT it to the internal ip address at the remote location.  Will this work and is there a better way?  The printer is configured to use port 9100.  Is this the only port required or does is also use port 515 or other ports?
2 Solutions
Jon SnydermanCommented:
Port 9100 is the only port needed.  As long as the 400 can ping the printer on its old IP address, a test device with the printers IP can ping the 400 at it's new address, and the 400 can open port 9100 (test with command: TELNET RMTSYS('') PORT(9100) ), you are good to go.   The complexity of the network is somewhat irrelevant as long as the VPNs that are in place allow for a direct IP connection between the two devices (aka site-to-site VPN).  In your case, the only issue I would foresee is ACLs or rules on the firewall not allowing the ping or port 9100 from one side of the VPN to the other.  

FYI, 9100 is typically for PJL and sometimes IPDS communications.   515 is for pure LPR\LPD.  You should not need that here.

~Jon Snyderman
There might be firewall or ACL problems, but you haven't asked about that yet. So... routing.

If the routing doesn't happen normally, you might simply add a route with the ADDTCPRTE command or through option 2 of the CFGTCP menu.

Exactly how the route parms will be set can be determined if the VPN link is described more.

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now